CN104580255B - Authentication method and system of the identification equipment based on recognizable code stream to terminal device - Google Patents
Authentication method and system of the identification equipment based on recognizable code stream to terminal device Download PDFInfo
- Publication number
- CN104580255B CN104580255B CN201510053181.9A CN201510053181A CN104580255B CN 104580255 B CN104580255 B CN 104580255B CN 201510053181 A CN201510053181 A CN 201510053181A CN 104580255 B CN104580255 B CN 104580255B
- Authority
- CN
- China
- Prior art keywords
- information
- code
- terminal device
- identification equipment
- medium
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/101—Access control lists [ACL]
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07C—TIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
- G07C9/00—Individual registration on entry or exit
- G07C9/20—Individual registration on entry or exit involving the use of a pass
- G07C9/22—Individual registration on entry or exit involving the use of a pass in combination with an identity check of the pass holder
- G07C9/23—Individual registration on entry or exit involving the use of a pass in combination with an identity check of the pass holder by means of a password
Abstract
The present invention discloses authentication method and system of a kind of identification equipment based on recognizable code stream to terminal device.Method includes, step 1:Terminal device generates the medium for being stored with data symbol information, medium includes carrying out the first number information, temporal information, opcode information and the extra-code information of first time encryption by the use of preset password as key, and the information of second of encryption is carried out with total key of systemic presupposition;Step 2:Identification equipment is used to identify the medium for being stored with data symbol information, i.e. identification equipment first carries out first time decryption with total key, then the preset password corresponding with the first number information is searched in default number information grant table to be decrypted for the second time as key and draw the second number information, the second number information such as decrypted is identical with the first number information of first time decryption, then certification passes through, the operating right according to corresponding to command code performs corresponding operation, if not by terminating.The present invention has the advantages of security performance is high.
Description
Technical field
The present invention relates to authentication techniques field, and more specifically, more particularly to a kind of identification based on recognizable code stream is set
Standby authentication method and system to terminal device.
Background technology
Current intelligent smartgate system mainly uses Technology of Radio Frequency Card, fingerprint technique or facial recognition techniques.Wherein,
Technology of Radio Frequency Card necessarily requires user to carry with badge, it has not been convenient to, be easily lost;Fingerprint technique is due to being related to privacy concern
It is unfavorable for promoting;And facial recognition techniques are expensive, are difficult to popularize.
In this case, it is possibly realized, Quick Response Code can be protected as gate inhibition's identification technology using Quick Response Code identification technology
Exist in mobile phone, the carrier by the use of mobile phone as Quick Response Code realizes that gate inhibition identifies.But because Quick Response Code is image, easily answered
System, security are poor.There is the scheme using mobile phone IME code binding time value dynamic encryptions at present, but still can only solve to know
Other information is not replicated Utilizing question in certain period of time, and can not solve the problems, such as certification, if mobile phone is lost still
It may be utilized to enter gate inhibition.And if once total key and key algorithm are leaked, then two dimension may be forged by people
Code is authenticated.
The content of the invention
A kind of authentication method it is an object of the invention to provide identification equipment based on recognizable code stream to terminal device.
The present invention is also provided with a kind of system for realizing this method.
In order to achieve the above object, the technical solution adopted by the present invention is as follows:
A kind of identification equipment based on recognizable code stream passes through terminal to the authentication method of terminal device, the authentication method
Equipment and identification equipment are implemented, and realize certification of the identification equipment to terminal device, the terminal device internal memory contains number one code
Information, the identification equipment internal memory contain number information grant table, have each number information in the number information grant table
Corresponding preset password and operating right;
Described method comprises the following steps,
Step 1:The terminal device generation is stored with the medium of data symbol information, and the medium includes using preset password
As key carry out first time encryption the first number information, temporal information, opcode information and extra-code information, and be
Default total key of uniting carries out the information of second of encryption;
Step 2:The identification equipment is used to identify the medium for being stored with data symbol information, i.e., described identification equipment is first
First time decryption is carried out with total key of systemic presupposition, then searches in default number information grant table and believes with the first number
Preset password corresponding to manner of breathing is decrypted and draws the second number information for the second time as key, if decrypt second
Number information is identical with the first number information of first time decryption, then certification is by and according to operating rights corresponding with command code
Limit performs corresponding operation, if certification is not by terminating certification.
Preferably, the step 1 includes:
Sub-step 10:The terminal device reads the first number information of terminal device;
Sub-step 11:The terminal device reads the current temporal information of terminal device;
Sub-step 12:The preset password information of the terminal device receiving terminal apparatus holder input;
Sub-step 13:The terminal device generates opcode information as needed;
Sub-step 14:The terminal device generates extra-code information as needed;
Sub-step 15:The terminal device believes the first number information, current time information, opcode information and extra-code
Breath is merged to form authentication code information;
Sub-step 16:The terminal device authentication code information is encrypted with preset password information close to form authentication code
Literary information;
Sub-step 17:Total key of the terminal device systemic presupposition is by gained in the first number information and sub-step 16
The authentication code cipher-text information gone out merges to form the output code information of encryption;
Sub-step 18:The terminal device is converted to output code information in the medium for being stored with data symbol information for knowledge
Other equipment is read.
Preferably, the step 2 includes:
Sub-step 20:The identification equipment reads the medium for being stored with data symbol information and is converted into input code letter
Breath;
Sub-step 21:The identification equipment is decrypted with total secret key pair input code of systemic presupposition, to form number one
Code information and authentication code cipher-text information;
Sub-step 22:The identification equipment carries out the first number information of reading with number information grant table to compare lookup
And judge whether to search successfully, sub-step 23 is performed if success, otherwise terminates certification;
Sub-step 23:The identification equipment taken out from number information grant table corresponding to preset password, and using this is pre-
If password authentication code cipher-text information is decrypted to obtain the second number information, current time information, opcode information and attached
Raise the price information;
Sub-step 24:If the second number information decrypted is identical with the first number information of first time decryption, table
Show certification success, then the time judged whether within tolerance band by identification equipment, if if basis it is corresponding with command code
Operating right performs corresponding operation, otherwise terminates certification.
Preferably, first number information is cell-phone number, default card number, identification card number, QQ number or Custom Number;
Preferably, the terminal device is mobile phone, tablet personal computer.
Preferably, the operating right corresponding to the command code includes certification enabling, visitor's temporary authentication opens the door, renewal mouth
Order or lock in time.
Preferably, the medium for being stored with data symbol information that the terminal device is generated be bar code, Quick Response Code,
Sound wave code or light wave code.
Preferably, the first time encryption and decryption for the first time use identical key, second of encryption and second
Secondary decryption uses identical key, and first time encryption and decryption for the first time, and second of encryption and second
Secondary decryption uses identical algorithm, and the algorithm can be DES, 3DES or AE128 or other custom algorithms.
Preferably, the certification is gate inhibition's certification or computer certification or transaction authentication.
The present invention, which also provides, a kind of realizes authenticating party of the above-mentioned identification equipment based on recognizable code stream to terminal device
The system of method, including:
Terminal device, the terminal device are used to generate the medium for being stored with data symbol information;
Identification equipment corresponding with terminal device, the identification equipment are used to identify Jie for being stored with data symbol information
Matter;
Include the first encrypting module, the second encrypting module and the medium generation module being sequentially connected in the terminal device;
The first encrypting module preset password is to the first number information, temporal information, opcode information and extra-code
Information carries out encryption for the first time to form authentication code cipher-text information;
Authentication code cipher-text information after second encrypting module is encrypted for the first time with total secret key pair of systemic presupposition is carried out
Encrypt for the second time to form the output code information of encryption;
The output code information generation one that the medium generation module is used for after being encrypted according to second is stored with data symbol
The medium of information;
The interior medium reading medium for including being sequentially connected of the identification equipment, the first deciphering module, searching modul, the second solution
Close module, judge module and execution module;
The medium reading medium is used to obtain the medium for being stored with data symbol information that medium generation module is generated,
First deciphering module is used to be decrypted according to total secret key pair input code of systemic presupposition, to form number one
Code information and authentication code cipher-text information;
The searching modul carries out the first number information read-out by the first deciphering module and number information grant table pair
According to searching and judging whether to search successfully, taken out if the second deciphering module if searching successfully from number information grant table corresponding to
Preset password, and authentication code cipher-text information is decrypted using the preset password to obtain the second number information, current time
Information, opcode information and extra-code information;
The second number information that second deciphering module decrypts is compared the judge module with what is decrypted for the first time,
It is if identical, then it represents that certification success, then the time is judged whether within tolerance band, it is corresponding if being performed if by execution module
Operation.
Compared with prior art, the advantage of the invention is that:
The present invention can allow terminal device holder to preset password, and input password when medium is generated,
It is authenticated in a manner of encryption with various systems, so as to improve the security of system.Based on this method, even if terminal device is lost
Lose, as long as password does not leak, the terminal device of loss is also impossible to be used to by certification, and unlikely counterfeit media items, which are out-tricked, recognizes
Card.And medium includes having time information, it is replicated immediately and is also not easy to be used to pass through certification.This method is based on simultaneously, also
The expanded functions such as password renewal, generation temporary visitor Quick Response Code can be realized.
Brief description of the drawings
In order to illustrate more clearly about the embodiment of the present invention or technical scheme of the prior art, below will be to embodiment or existing
There is the required accompanying drawing used in technology description to be briefly described, it should be apparent that, drawings in the following description are only this
Some embodiments of invention, for those of ordinary skill in the art, on the premise of not paying creative work, can be with
Other accompanying drawings are obtained according to these accompanying drawings.
Fig. 1 is flow chart of the identification equipment of the present invention based on recognizable code stream to the authentication method of terminal device.
Fig. 2 is the frame diagram of the Verification System of the present invention encrypted.
Embodiment
The preferred embodiments of the present invention are described in detail below in conjunction with the accompanying drawings, so that advantages and features of the invention energy
It is easier to be readily appreciated by one skilled in the art, apparent is clearly defined so as to be made to protection scope of the present invention.
As shown in fig.1, the present invention provides a kind of authenticating party of identification equipment based on recognizable code stream to terminal device
Method, the authentication method are implemented by terminal device and identification equipment, realize certification of the identification equipment to terminal device, the end
End equipment internal memory contains number one code information, and the identification equipment internal memory contains number information grant table, and the number information is permitted
Can there be the preset password and operating right corresponding to each number information in table.
Described method comprises the following steps:
Step 1:The terminal device generation is stored with the medium of data symbol information, and the medium includes using preset password
As key carry out first time encryption the first number information, temporal information, opcode information and extra-code information, and be
Default total key of uniting carries out the information of second of encryption.Specifically, the step 1 includes:
Sub-step 10:The terminal device reads the first number information of terminal device;
Sub-step 11:The terminal device reads the current temporal information of terminal device;
Sub-step 12:The preset password information of the terminal device receiving terminal apparatus holder input;
Sub-step 13:The terminal device generates opcode information as needed;
Sub-step 14:The terminal device generates extra-code information as needed;
Sub-step 15:The terminal device believes the first number information, current time information, opcode information and extra-code
Breath is merged to form authentication code information;
Sub-step 16:The terminal device authentication code information is encrypted with preset password information close to form authentication code
Literary information;
Sub-step 17:Total key of the terminal device systemic presupposition is by gained in the first number information and sub-step 16
The authentication code cipher-text information gone out merges to form the output code information of encryption;
Sub-step 18:The terminal device is converted to output code information in the medium for being stored with data symbol information for knowledge
Other equipment is read.
Step 2:The identification equipment is used to identify the medium for being stored with data symbol information, i.e., described identification equipment is first
First time decryption is carried out with total key of systemic presupposition, then searches in default number information grant table and believes with the first number
Preset password corresponding to manner of breathing is decrypted and draws the second number information for the second time as key, if decrypt second
Number information is identical with the first number information of first time decryption, then certification is by and according to operating rights corresponding with command code
Limit performs corresponding operation, if certification is not by terminating certification.Specifically, step 2 includes:
Sub-step 20:The identification equipment reads the medium for being stored with data symbol information and is converted into input code letter
Breath;
Sub-step 21:The identification equipment is decrypted with total secret key pair input code of systemic presupposition, to form number one
Code information and authentication code cipher-text information;
Sub-step 22:The identification equipment carries out the first number information of reading with number information grant table to compare lookup
And judge whether to search successfully, sub-step 23 is performed if success, otherwise terminates certification;
Sub-step 23:The identification equipment taken out from number information grant table corresponding to preset password, and using this is pre-
If password authentication code cipher-text information is decrypted to obtain the second number information, current time information, opcode information and attached
Raise the price information;
Sub-step 24:If the second number information decrypted is identical with the first number information of first time decryption, table
Show certification success, then the time judged whether within tolerance band by identification equipment, if if basis it is corresponding with command code
Operating right performs corresponding operation, otherwise terminates certification.
In the present invention, first number information is cell-phone number, default card number, identification card number, QQ number or self-defined
Number etc.;
In the present invention, the medium for being stored with data symbol information that the terminal device is generated is bar code, two
Tie up code, sound wave code or light wave code.Such as using Quick Response Code as medium.And Quick Response Code reads the decryption of equipment, searches the work(such as certification
The inside one-chip computer realization that can have Quick Response Code reading equipment can also be by the computer of connection Quick Response Code identification equipment
Realize.And be not limited in the method with the direct certification of mobile phone screen, generate Quick Response Code with mobile phone or other equipment and print
Carry out reauthentication also may be used.
In the present invention, for mobile phone, tablet personal computer etc., other can be generated the terminal device and real medium is (such as two dimension
Code) equipment.
In the present invention, the operating right corresponding to the command code includes certification enabling, visitor's temporary authentication opens the door, more
New password or lock in time, in addition to other can self-defining operation.
In the present invention, first time encryption and decryption for the first time use identical key, second of encryption with
Second decryption use identical key, and first time encryption and decrypts for the first time, and second of encryption with
Second of decryption uses identical algorithm, and the algorithm can be DES, 3DES or AE128, but be not limited to specific encryption and conciliate
Decryption method, it can also use other customized algorithms.
The present invention, which also provides, a kind of realizes authenticating party of the above-mentioned identification equipment based on recognizable code stream to terminal device
The system of method, including:
Terminal device 1, the terminal device are used to generate the medium for being stored with data symbol information;It is right with terminal device 1
The identification equipment 2 answered, the identification equipment are used to identify the medium for being stored with data symbol information.
Include the first encrypting module 10, the second encrypting module 11 and the medium generation being sequentially connected in the terminal device 1
Module 12.
First encrypting module 10 to the first number information, temporal information, opcode information and is added with preset password
Code information carries out encryption for the first time to form authentication code cipher-text information;Second encrypting module 11 total key of systemic presupposition
Authentication code cipher-text information after being encrypted to first time carries out second of encryption to form the output code information of encryption;The medium life
The output code information generation one being used for into module 12 after being encrypted according to second is stored with the medium of data symbol information.
Include the medium reading medium 20, the first deciphering module 21, searching modul being sequentially connected in the identification equipment 2
22nd, the second deciphering module 23, judge module 24 and execution module 25.
The medium reading medium 20 is used to obtaining that medium generation module 12 to be generated is stored with data symbol information
Medium,
First deciphering module 21 is used to be decrypted according to total secret key pair input code of systemic presupposition, to form first
Number information and authentication code cipher-text information;The searching modul 22 by the first number information read-out by the first deciphering module with number
Code information grant table is carried out compareing lookup and judged whether to search successfully, and the second deciphering module 23 is believed from number if searching successfully
Preset password corresponding to being taken out in grant table is ceased, and using the preset password authentication code cipher-text information is decrypted to obtain the
Two number informations, current time information, opcode information and extra-code information;The judge module 24 is by the second deciphering module solution
It is close go out the second number information and first time decryption be compared, if identical, then it represents that certification success, then whether judge the time
Within tolerance band, if performing corresponding operation by execution module 25 if, such as:Certification enabling, visitor's temporary authentication are opened
Door, more new password or lock in time etc..
The present invention is used to be not limited to use in the certification of gate inhibition, can also other need the system that carries out authentication, such as count
The start of calculation machine, transaction authentication etc..
The present invention can allow terminal device holder to preset password, and input password when medium is generated,
It is authenticated in a manner of encryption with various systems, so as to improve the security of system.Password inputs in terminal, rather than
Inputted in identification equipment, make the cost of identification equipment reduce, the durability of equipment improves, and the risk that password is compromised reduces.Base
In this method, even if terminal device is lost, as long as password does not leak, the terminal device of loss is also impossible to be used to by recognizing
Card, unlikely counterfeit media items out-trick certification.And medium includes having time information, it is replicated immediately and is also not easy to be used to lead to
Cross certification.This method is based on simultaneously, the expanded functions such as password renewal, generation temporary visitor Quick Response Code can also be realized.
The present invention is described further below by the embodiment of one group of gate inhibition's certification.
Embodiment one
In the present embodiment, terminal device 1 uses mobile phone, and identification equipment 2 uses Quick Response Code identification equipment, and Quick Response Code is known
Other equipment need to have computing function (or computing function is realized by the computer of connection Quick Response Code identification equipment), and set hand
Machine grant table, preset password, operating right and other additional contents corresponding to each cell-phone number that the table has.The equipment
Also there is decryption function.Mobile phone is can generate Quick Response Code and be shown in the mobile phone of screen, the function with reading cell-phone number, or
Phone number can be set by the user.
The present embodiment specific implementation workflow be:
A mobile phones generate certification image in 2 D code, comprise the following steps:
1st, mobile phone authentication module reads cell-phone number (Phone_Number);
2nd, mobile phone authentication module reads mobile phone current time (Time);
3rd, mobile phone authentication module receives mobile phone holder and inputs password (Password);
4th, mobile phone generates command code (Operation) as needed, and the command code defines including but not limited to following several
Kind action type:
A) certification is opened the door
B) visitor's temporary authentication opens the door
C) more new password
D) lock in time
5th, mobile phone generates extra-code (Attach_code) as needed, and extra-code can be self-defined as needed, as new
Password, personal other information etc.;
6th, mobile phone authentication module merges cell-phone number, current time, command code and extra-code, and certification is formed after merging
Code Certification_code, Certification_code=Phone_Number+Time+Operation+Attach_
code;
7th, authentication code is encrypted to form authentication code ciphertext En_Certification_ with password for mobile phone authentication module
Note 1 is shown in code, En_Certification_code=Enc (Certification_code, Password), explanation;Note 1:
Enc (Certification_code, Password):Certification_code is encrypted with Password, exported
Ciphertext;
8th, total password (General_Key) of mobile phone authentication module systemic presupposition merges cell-phone number with authentication code ciphertext
The information of formation is encrypted and draws output code Output_code, Output_code=Enc (Phone_number+En_
Certification_code,General_Key)
9th, output code Output_code is converted to certification image in 2 D code and known for Quick Response Code by mobile phone two-dimension code generation module
Other equipment is read.
B Quick Response Code identification equipments are authenticated to Quick Response Code
1st, Quick Response Code identification equipment reads certification image in 2 D code, and is converted into input code Input_code, Input_
Code is the output code Output_code that mobile phone authentication module generates in foregoing A;
2nd, Quick Response Code identification equipment is decrypted input code with total password (General_Key) of systemic presupposition, forms mobile phone
Number plaintext and authentication code ciphertext;
Phone_number+En_Certification_code=Enc-1(Input_code, General_Key), explain
See note 2;Note 2:Enc-1(Input_code,General_Key):Input_code is decrypted with General_Key, exported
Original text;
3rd, Quick Response Code identification equipment compares the cell-phone number Phone_number of reading with equipment built-in mobile phone grant table
Search,
If a) searching failure, i.e., authentification failure is then represented without the cell-phone number in table, terminate certification;
If b) searched successfully, the preset password (Password) corresponding to taking-up from table, and with the password to certification
Code ciphertext is decrypted, and draws cell-phone number, current time, command code and extra-code Phone_Number+Time+Operation+
Attach_code=Enc-1(En_Certification_code,Password)
If the cell-phone number that c) decrypts and to decrypt gained cell-phone number with first time identical, then it represents that certification success
4th, after previous step certification success, whether Quick Response Code identification equipment judges the time in tolerance band,
D) certification is terminated if unlicensed scope;
E) operated if in tolerance band according to command code, i.e.,:
I. command code is " certification enabling ", then performs door opening action;
Ii. command code is " enabling of visitor's temporary authentication ", then performs door opening action and record temporary visitor according to extra-code
Information;
Iii. command code is " more new password ", then according to extra-code more new password;
Iv. command code is " lock in time ", then performs lock in time instruction;
V. command code is other, then performs other actions or instruction according to predefined.
By the implementation of the present embodiment, mobile phone holder can be allowed to preset password, and generate Quick Response Code when
Input password is waited, is authenticated in a manner of encryption with gate control system, so as to improve the security of gate control system.Based on the party
Method, even if mobile phone is lost, as long as password does not leak, the mobile phone of loss is also impossible to be used to by gate inhibition, unlikely forges
Quick Response Code is out-tricked gate inhibition.And Quick Response Code contains temporal information, it is replicated immediately and is also not easy to be used to pass through gate inhibition.Base simultaneously
In this method, the expanded functions such as password renewal, generation temporary visitor Quick Response Code can also be realized.
Although being described in conjunction with the accompanying embodiments of the present invention, patent owner can be in appended claims
Within the scope of make various deformations or amendments, as long as no more than the present invention claim described by protection domain, all should
Within protection scope of the present invention.
Claims (9)
1. a kind of identification equipment based on recognizable code stream is to the authentication method of terminal device, it is characterised in that the authenticating party
Method is implemented by terminal device and identification equipment, realizes certification of the identification equipment to terminal device, the terminal device memory storage
There is the first number information, the identification equipment internal memory contains number information grant table, has in the number information grant table every
Preset password and operating right corresponding to individual number information;
Described method comprises the following steps,
Step 1:Terminal device generation is stored with the medium of data symbol information, the medium include by the use of preset password as
Key carries out the first number information, temporal information, opcode information and the extra-code information of first time encryption, and pre- with system
If total key carry out the information of second encryption;
Step 2:The identification equipment is used to identify the medium for being stored with data symbol information, i.e., described identification equipment is first with system
Default total key of uniting carries out first time decryption, is then searched and the first number information phase in default number information grant table
Corresponding preset password is decrypted and draws the second number information for the second time as key, if the second number decrypted
Information is identical with the first number information of first time decryption, then certification according to operating right corresponding with command code by and holding
The corresponding operation of row, if certification is not by terminating certification;
The step 1 includes:
Sub-step 10:The terminal device reads the first number information of terminal device;
Sub-step 11:The terminal device reads the current temporal information of terminal device;
Sub-step 12:The preset password information of the terminal device receiving terminal apparatus holder input;
Sub-step 13:The terminal device generates opcode information as needed;
Sub-step 14:The terminal device generates extra-code information as needed;
Sub-step 15:The terminal device enters the first number information, current time information, opcode information and extra-code information
Row merges to form authentication code information;
Sub-step 16:The terminal device authentication code information is encrypted with preset password information to form authentication code ciphertext letter
Breath;
Sub-step 17:Total key of the terminal device systemic presupposition will be drawn in the first number information and sub-step 16
Authentication code cipher-text information merges to form the output code information of encryption;
Sub-step 18:The terminal device is converted to output code information in the medium for being stored with data symbol information so that identification is set
It is standby to read.
2. the identification equipment according to claim 1 based on recognizable code stream is to the authentication method of terminal device, its feature
It is, the step 2 includes:
Sub-step 20:The identification equipment reads the medium for being stored with data symbol information and is converted into input code information;
Sub-step 21:The identification equipment is decrypted with total secret key pair input code of systemic presupposition, to form the first number letter
Breath and authentication code cipher-text information;
Sub-step 22:First number information of reading is carried out compareing lookup and sentenced by the identification equipment with number information grant table
It is disconnected whether to search success, sub-step 23 is performed if success, otherwise terminates certification;
Sub-step 23:The identification equipment taken out from number information grant table corresponding to preset password, and utilize the default mouth
Order authentication code cipher-text information is decrypted to obtain the second number information, current time information, opcode information and extra-code
Information;
Sub-step 24:If the second number information decrypted is identical with the first number information of first time decryption, then it represents that recognizes
Demonstrate,prove successfully, then the time is judged whether within tolerance band by identification equipment, if the basis operation corresponding with command code if
Authority performs corresponding operation, otherwise terminates certification.
3. the identification equipment according to claim 1 based on recognizable code stream is to the authentication method of terminal device, its feature
It is, first number information is cell-phone number, default card number, identification card number, QQ number or Custom Number.
4. the identification equipment according to claim 1 based on recognizable code stream is to the authentication method of terminal device, its feature
It is, the terminal device is mobile phone, tablet personal computer.
5. the identification equipment according to claim 1 based on recognizable code stream is to the authentication method of terminal device, its feature
Be, the operating right corresponding to the command code include certification enabling, visitor's temporary authentication open the door, more new password or it is synchronous when
Between.
6. the identification equipment according to claim 1 based on recognizable code stream is to the authentication method of terminal device, its feature
It is, the medium that what the terminal device was generated be stored with data symbol information is bar code, Quick Response Code, sound wave code or light
Ripple code.
7. the identification equipment according to claim 1 based on recognizable code stream is to the authentication method of terminal device, its feature
It is, the first time encryption and decryption for the first time use identical key, and second of encryption and second of decryption use
Identical key, and first time encryption and decryption for the first time, and second of encryption are decrypted with second and adopted
With identical algorithm, the algorithm can be DES, 3DES or AE128 or other custom algorithms.
8. the identification equipment according to claim 1 based on recognizable code stream is to the authentication method of terminal device, its feature
It is, the certification is gate inhibition's certification or computer certification or transaction authentication.
9. a kind of identification equipment based on recognizable code stream realized described in claim 1-8 any one is recognized terminal device
The system of card method, it is characterised in that the system includes:
Terminal device, the terminal device are used to generate the medium for being stored with data symbol information;
Identification equipment corresponding with terminal device, the identification equipment are used to identify the medium for being stored with data symbol information;
Include the first encrypting module, the second encrypting module and the medium generation module being sequentially connected in the terminal device;
The first encrypting module preset password is to the first number information, temporal information, opcode information and extra-code information
Encryption for the first time is carried out to form authentication code cipher-text information;
Authentication code cipher-text information after second encrypting module is encrypted for the first time with total secret key pair of systemic presupposition carries out second
It is secondary to encrypt to form the output code information of encryption;
The output code information generation one that the medium generation module is used for after being encrypted according to second is stored with data symbol information
Medium;
Include medium reading medium, the first deciphering module, searching modul, the second decryption mould being sequentially connected in the identification equipment
Block, judge module and execution module;
The medium reading medium is used to obtain the medium for being stored with data symbol information that medium generation module is generated,
First deciphering module is used to be decrypted according to total secret key pair input code of systemic presupposition, to form the first number letter
Breath and authentication code cipher-text information;
The first number information read-out by first deciphering module compare looking into by the searching modul with number information grant table
Look for and judge whether to search successfully, taken out if the second deciphering module if searching successfully from number information grant table corresponding to preset
Password, and using the preset password authentication code cipher-text information is decrypted with obtain the second number information, current time information,
Opcode information and extra-code information;
The second number information that second deciphering module decrypts is compared the judge module with what is decrypted for the first time, if phase
Together, then it represents that certification success, then the time is judged whether within tolerance band, grasped accordingly if being performed if by execution module
Make.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510053181.9A CN104580255B (en) | 2015-02-02 | 2015-02-02 | Authentication method and system of the identification equipment based on recognizable code stream to terminal device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510053181.9A CN104580255B (en) | 2015-02-02 | 2015-02-02 | Authentication method and system of the identification equipment based on recognizable code stream to terminal device |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN104580255A CN104580255A (en) | 2015-04-29 |
| CN104580255B true CN104580255B (en) | 2017-12-12 |
Family
ID=53095435
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201510053181.9A Expired - Fee Related CN104580255B (en) | 2015-02-02 | 2015-02-02 | Authentication method and system of the identification equipment based on recognizable code stream to terminal device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN104580255B (en) |
Families Citing this family (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107947928B (en) * | 2017-12-21 | 2020-09-18 | 武汉深捷科技股份有限公司 | Intelligent community management method and system based on Internet of things |
| CN111754232B (en) * | 2020-06-29 | 2023-11-28 | 上海通联金融服务有限公司 | Control method for verifying key fields before non-financial transaction |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1794629A (en) * | 2005-12-26 | 2006-06-28 | 上海洲信信息技术有限公司 | Method of ensuring safety of electronic mail |
| CN101710852A (en) * | 2009-11-06 | 2010-05-19 | 北京交通大学 | LDPC code encoding/decoding method and encoder/decoder with encryption function |
| CN103595730A (en) * | 2013-11-28 | 2014-02-19 | 中国科学院信息工程研究所 | Ciphertext cloud storage method and system |
| CN104125055A (en) * | 2014-06-25 | 2014-10-29 | 小米科技有限责任公司 | Encryption and decryption method and electronic device |
-
2015
- 2015-02-02 CN CN201510053181.9A patent/CN104580255B/en not_active Expired - Fee Related
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1794629A (en) * | 2005-12-26 | 2006-06-28 | 上海洲信信息技术有限公司 | Method of ensuring safety of electronic mail |
| CN101710852A (en) * | 2009-11-06 | 2010-05-19 | 北京交通大学 | LDPC code encoding/decoding method and encoder/decoder with encryption function |
| CN103595730A (en) * | 2013-11-28 | 2014-02-19 | 中国科学院信息工程研究所 | Ciphertext cloud storage method and system |
| CN104125055A (en) * | 2014-06-25 | 2014-10-29 | 小米科技有限责任公司 | Encryption and decryption method and electronic device |
Also Published As
| Publication number | Publication date |
|---|---|
| CN104580255A (en) | 2015-04-29 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US10606997B2 (en) | Remote identity authentication method and system and remote account opening method and system | |
| CN201181472Y (en) | Hardware key device and movable memory system | |
| CN107169374B (en) | Encryption and decryption system and method based on voiceprint and voice recognition technology | |
| EP3257194B1 (en) | Systems and methods for securely managing biometric data | |
| CN1889419B (en) | Method and apparatus for realizing encrypting | |
| CN100533459C (en) | Data safety reading method and safety storage apparatus thereof | |
| US20160012272A1 (en) | Fingerprint authentication system and a fingerprint authentication method based on nfc | |
| WO2016061899A1 (en) | Fingerprint decryption method and device | |
| CN101483654A (en) | Method and system for implementing authentication and data safe transmission | |
| KR20140028610A (en) | Apparatus and method for card payment using mobile terminal | |
| CN101685425A (en) | Mobile storage device and method of encrypting same | |
| CN103997408A (en) | Authentication method and system for transmitting authentication data by use of graphs and images | |
| CN102163267A (en) | Solid state disk as well as method and device for secure access control thereof | |
| CN110290134A (en) | A kind of identity identifying method, device, storage medium and processor | |
| CN101795450A (en) | Method and device for carrying out security protection on mobile phone data | |
| CN104468937A (en) | Data encryption and decryption methods and devices for mobile terminal and protection system | |
| CN109903052A (en) | A kind of block chain endorsement method and mobile device | |
| CN106100851B (en) | Password management system, intelligent wristwatch and its cipher management method | |
| CN104715537A (en) | Encryption and decryption method based on digital tags | |
| CN101789088A (en) | SD card with payment function | |
| CN104580255B (en) | Authentication method and system of the identification equipment based on recognizable code stream to terminal device | |
| KR20100031354A (en) | Tag security processing method using one time password | |
| CN104835039A (en) | Data label generation method | |
| CN114357418A (en) | Encryption authentication method, system, terminal device, server and storage medium | |
| CN106953731A (en) | The authentication method and system of a kind of terminal management person |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C41 | Transfer of patent application or patent right or utility model | ||
| TA01 | Transfer of patent application right |
Effective date of registration: 20150924 Address after: 510000 98F, 1106, Lin Lin Street, Tianhe North Road, Tianhe, Guangzhou, Guangdong, Tianhe District, China Applicant after: Guangzhou Linli Information Technology Co., Ltd. Address before: 510060 room 16, building 333, 1001 East Ring Road, Guangzhou, Guangdong, Yuexiu District Applicant before: Chen Meichi |
|
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| CF01 | Termination of patent right due to non-payment of annual fee | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20171212 Termination date: 20200202 |